Subscribe to our Threatpost Today newsletter

Join thousands of people who receive the latest breaking cybersecurity news every day.

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

*

*

I agree to my personal data being stored and used to receive the newsletter

*

I agree to accept information and occasional commercial offers from Threatpost partners

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

WhatsApp Downplays Damage of a Group Invite Bug

WhatsApp said that claims that infiltrators can add themselves to an encrypted group chat without being noticed is incorrect.

Research that claims WhatsApp’s group messaging feature can be compromised by an attacker is being called into question by WhatsApp and the developer of the underlying messaging technology.

Last week, a team of researchers from Germany’s Ruhr University Bochum released an academic paper outlining flaws in WhatsApp’s group messaging service. They also claim to have found a less serious flaw in Signal. Signal is the messaging technology WhatsApp is based on.

In the case of WhatsApp, researchers claim the flaw could allow someone who controls a WhatsApp server to add an intruder to an encrypted group messaging session and read new messages shared between users and more.

The concern is the technique offers a way for WhatsApp to be pressured by the governments to access an encrypted group conversation. Another concern is if an attacker gains control of a WhatsApp server they too would be able to eavesdrop on encrypted group conversations.

WhatsApp, acquired by Facebook in 2014, supports end-to-end encryption and is considered a secure messaging platform based on the highly regarded Signal protocol, developed by Open Whisper Systems.

Once in, the WhatsApp server can be manipulated to “stealthily reorder and drop messages in the group. Thereby it can cache sent messages to the group, read their content first and decide in which order they are delivered to the members,” researchers wrote.

More importantly, the rogue WhatsApp server admin could block group management messages alerting group members the infiltrator had joined the group.

That’s where WhatsApp and Moxie Marlinspike, the developer of the Signal protocol, argue researchers have got it wrong.

“All group members will see that the attacker has joined. There is no way to suppress this message,” Marlinspike posted a response to the researcher’s claims on the Hacker News forum on Wednesday.

WhatsApp also released a public statement, “We’ve looked at this issue carefully. Existing members are notified when new people are added to a WhatsApp group.” It said even if an attacker had admin control over the group, they still couldn’t create a “hidden” user from the group.

Marlinspike added, the attacker can’t view past group messages because they are end-to-end encrypted with encryption keys the attacker doesn’t have.

Matthew Green, a cryptographer, computer science professor, and researcher at Johns Hopkins University, said in a blog post Wednesday that the problem stems from the fact that the “standard Signal protocol doesn’t work quite as well for group messaging” because it’s not “optimized for broadcasting messages to many users.”

Green said WhatsApp and Signal handle invites in a similar way.

“From a UX perspective, the idea is that only one person actually initiates the adding of a new group member. This person is called the ‘administrator’. This administrator is the only human being who should actually do anything — yet, here one click must cause some automated action on the part of every other group members’ devices. That is, in response to the administrator’s trigger, all devices in the group chat must send their keys to this new group member,” Green said.

Compared to WhatsApp, an attack on Signal group messaging session is harder. That’s because Signal requires invites to include a random 128-bit group ID number that “is never revealed to non-group-members or even the server,” Green explains. “That pretty much blocks the attack,” he said.

Alternatively, WhatsApp servers are instrumental in managing group messaging. WhatsApp, “determines who is an administrator and thus authorized to send group management messages,” Green said.

Also problematic, neither are WhatsApp group management messages end-to-end encrypted or signed. “The flaw here is obvious: since the group management messages are not signed by the administrator, a malicious WhatsApp server can add any user it wants into the group. This means the privacy of your end-to-end encrypted group chat is only guaranteed if you actually trust the WhatsApp server,” Green said.

Ruhr University Bochum researchers propose fixes, such as requiring Signal and WhatsApp to ensure management messages are signed by group administrators only.

WhatsApp declined to say if the fixes the researchers proposed are being considered.

WhatsApp does have a track record of pushing back on government requests to break encryption. The company supported Apple in its stance against the FBI’s request to circumvent the encryption on a terrorist’s iPhone. A Facebook employee was jailed in Brazil for refusing to cooperate with government authorities to create a back door in the service. It has also publicly rejected calls by the U.K. government to weaken encryption.

Discussion

When A and B are in a chatroom, each encrypts a message for the other to read.
If C wants to join, he must be invited using some mechanism that notifies all current members so that they add his public key to the list of clients to encrypt messages for.
That act should trigger a client notification, no?

Authors

Threatpost

InfoSec Insider Post

InfoSec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

Sponsored

Sponsored Post

Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.